Vulnerabilities > Vincent HOR > Calendarix Advanced > 1.5.2005.05.01

DATE CVE VULNERABILITY TITLE RISK
2006-04-19 CVE-2006-1835 Cross-Site Scripting vulnerability in Calendarix YearCal.PHP
Cross-site scripting (XSS) vulnerability in yearcal.php in Calendarix allows remote attackers to inject arbitrary web script or HTML via the ycyear parameter.
network
high complexity
vincent-hor
2.6
2.6